PUP.InfoAtoms + one redirect[Solved]


  • This topic is locked

#31
Sonnet29

Sonnet29

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Hi, I completed everything asked. I've noticed a slight freeze/lag currently in things such as trying to drag icons to the Recycle Bin or move them around the desktop. The icon will become briefly unresponsive after being highlighted as will the task bar.
  • 0


#32
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

I completed everything asked.

Good.

I've noticed a slight freeze/lag currently in things such as trying to drag icons to the Recycle Bin or move them around the desktop. The icon will become briefly unresponsive after being highlighted as will the task bar.

This may just be due to the age of the machine plus the factors my colleague godawgs mentioned here for example.

OK carry out the below first...

TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click on TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

I advise you keep TFC on your desktop after I give the all clear and run it say at least once per week as it is a very effective piece of software for cleaning out temp' files etc.

Next:

Run through the Hard-Drive Maintenance/Repair instructions again please. Tedious I know but a second time round may just make that bit of difference all told.

Next:

Let myself know when completed the above and if similar issues remaining I will merely have another check(s)/look to see if anything else specific is revealed that may account for what you mentioned prior OK.
  • 0

#33
Sonnet29

Sonnet29

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I did as asked, this time CHKDSK took a while to complete, I guess I might have done something wrong before...

It replaced one bad cluster in step 4 of 5. I think everything else went fine. There is still a bit of lag as far as moving things to/from the desktop but everything else seems fine.
  • 0

#34
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

OK, carry out the below please and we will then go from there...

Scan with Speccy:

Please download the installer for Speccy from here to your desktop.

  • Double-click on spsetup120.exe to install the application >> follow the prompts >> deselect the option Automatically check for updates to Speccy (the others leave as is per your preference) >> Install
  • Deselect View Release notes but leave Run Speccy vN.NN selected >> Finish
  • Speccy will now automatically scan your system, this may take some time etc.
  • Once it has completed scanning >> click on File >> Save as Text File... >> select the Desktop as the save destination >> Save
  • Close Speccy.
  • Open the notepad file you have just saved...
  • Scroll down to the heading Operating System >>next to Serial Number:
  • Delete/remove the actual serial number as prudent not to have that displayed in an open forum for security reasons etc.
  • Post the Speccy log in your next reply for my review.

  • 0

#35
Sonnet29

Sonnet29

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Hello, the Speccy log is too long to post so I'm going to attach it instead, I hope that's alright.

Attached Files


Edited by Sonnet29, 02 March 2013 - 12:39 PM.

  • 0

#36
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

the Speccy log is too long to post so I'm going to attach it instead, I hope that's alright.

Not a problem I assure you.

The actual temperature for your machine's hard-drive is a tad high but not really excessive:-

149GB Western Digital WDC WD1600AAJB-00PVA0 (PATA) 44 °C

So surmising the rest of the machine is running a tad warm also but because of its age no sensors to get readings from ...

Please check that the airflow vents on your machine are not clogged with excessive debris/dust etc and post a new OTL log for my review also please.
  • 0

#37
Sonnet29

Sonnet29

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Hi, here is the new OTL log:

OTL logfile created on: 3/3/2013 1:25:50 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.98 Mb Total Physical Memory | 723.02 Mb Available Physical Memory | 70.75% Memory free
2.41 Gb Paging File | 2.19 Gb Available in Paging File | 90.83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 129.97 Gb Free Space | 87.20% Space Free | Partition Type: NTFS

Computer Name: JESS-DELL | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\WINXP\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)


========== Driver Services (SafeList) ==========

DRV - (XDva391) -- C:\WINXP\system32\XDva391.sys File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (EagleXNt) -- C:\WINXP\system32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\WINXP\system32\drivers\EagleNT.sys File not found
DRV - (Changer) -- File not found
DRV - (MpKsl56ee201d) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1772B40E-A98E-4316-98F7-5D04B0CC955B}\MpKsl56ee201d.sys (Microsoft Corporation)
DRV - (HssDrv) -- C:\WINXP\system32\drivers\HssDrv.sys (AnchorFree Inc.)
DRV - (taphss) -- C:\WINXP\system32\drivers\taphss.sys (AnchorFree Inc)
DRV - (b57w2k) -- C:\WINXP\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (hamachi) -- C:\WINXP\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (VIAudio) -- C:\WINXP\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 CF 7C A0 21 FF CD 01 [binary data]
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Chrome IE Tab (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.5.14.1_0\plugin/blackfishietab.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Administrator\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: WOT = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.9_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AdBlock = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: IE Tab = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\4.2.22.2_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINXP\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINXP\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINXP\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1078081533-1767777339-1417001333-500..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1362074558500 (MUWebControl Class)
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} http://avatar.mabino....2010.05.24.cab (MabinogiWebAvatarRenderer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6796D18-389A-480F-BEDF-104A5D19952E}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINXP\system32\userinit.exe) - C:\WINXP\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/05/26 09:15:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/02 13:26:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/03/02 13:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/02/28 17:12:16 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2013/02/28 13:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/02/28 13:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013/02/28 13:07:26 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/02/28 12:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2013/02/27 14:17:02 | 000,232,336 | ---- | C] (Microsoft Corporation) -- C:\WINXP\System32\MpSigStub.exe
[2013/02/27 14:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/02/27 14:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/02/27 13:38:44 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\startuplite-setup-1.07.exe
[2013/02/26 19:46:48 | 000,354,273 | ---- | C] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FSS.exe
[2013/02/25 16:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2013/02/25 15:01:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/02/25 14:42:47 | 000,000,000 | ---D | C] -- C:\WINXP\System32\appmgmt
[2013/02/17 14:17:36 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\aswMBR.exe
[2013/02/17 14:07:39 | 000,000,000 | ---D | C] -- C:\WINXP\ERDNT
[2013/02/17 14:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/02/17 14:03:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2013/02/16 16:45:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/02/09 00:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mumble
[2013/02/08 21:52:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mumble
[2013/02/08 21:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mumble
[2013/02/08 21:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2013/02/06 17:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2013/02/06 17:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/06 17:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/06 17:41:07 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2013/02/06 17:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

========== Files - Modified Within 30 Days ==========

[2013/03/03 13:20:34 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/03/03 13:05:45 | 000,000,366 | -H-- | M] () -- C:\WINXP\tasks\MpIdleTask.job
[2013/03/03 12:52:00 | 000,001,010 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1767777339-1417001333-500UA.job
[2013/03/03 02:28:02 | 000,000,384 | -H-- | M] () -- C:\WINXP\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/03/02 21:52:00 | 000,000,958 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1767777339-1417001333-500Core.job
[2013/03/02 13:26:02 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/02/28 18:26:37 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2013/02/28 17:12:22 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2013/02/28 13:05:43 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pidgin.lnk
[2013/02/28 12:04:58 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Update Checker.lnk
[2013/02/28 01:04:55 | 000,432,784 | ---- | M] () -- C:\WINXP\System32\perfh009.dat
[2013/02/28 01:04:55 | 000,067,740 | ---- | M] () -- C:\WINXP\System32\perfc009.dat
[2013/02/27 14:14:36 | 000,001,945 | ---- | M] () -- C:\WINXP\epplauncher.mif
[2013/02/27 14:13:17 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2013/02/27 13:38:44 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Administrator\Desktop\startuplite-setup-1.07.exe
[2013/02/27 13:38:21 | 000,594,019 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
[2013/02/26 19:46:49 | 000,354,273 | ---- | M] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FSS.exe
[2013/02/21 17:59:39 | 000,002,362 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/21 17:59:38 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2013/02/17 14:18:57 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Administrator\Desktop\aswMBR.exe
[2013/02/17 14:03:54 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2013/02/17 14:03:54 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2013/02/16 16:45:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/02/16 16:18:20 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Talk.lnk
[2013/02/13 16:49:39 | 000,190,592 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT
[2013/02/13 16:45:23 | 000,001,374 | ---- | M] () -- C:\WINXP\imsins.BAK
[2013/02/08 21:54:50 | 000,002,378 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MumbleAutomaticCertificateBackup.p12
[2013/02/08 21:49:17 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mumble.lnk
[2013/02/06 17:41:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/06 07:03:16 | 000,001,142 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ Mabinogi .lnk

========== Files Created - No Company Name ==========

[2013/03/02 13:26:02 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/02/28 13:07:31 | 000,002,261 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/02/28 13:05:43 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Pidgin.lnk
[2013/02/28 13:05:43 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Pidgin.lnk
[2013/02/28 12:04:58 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Update Checker.lnk
[2013/02/28 12:04:58 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Update Checker.lnk
[2013/02/27 14:24:07 | 000,000,384 | -H-- | C] () -- C:\WINXP\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/02/27 14:24:07 | 000,000,366 | -H-- | C] () -- C:\WINXP\tasks\MpIdleTask.job
[2013/02/27 14:14:36 | 000,001,945 | ---- | C] () -- C:\WINXP\epplauncher.mif
[2013/02/27 14:14:08 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/02/27 13:38:20 | 000,594,019 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
[2013/02/17 14:03:54 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2013/02/17 14:03:54 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2013/02/16 16:18:20 | 000,000,894 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Google Talk.lnk
[2013/02/08 21:54:50 | 000,002,378 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MumbleAutomaticCertificateBackup.p12
[2013/02/08 21:49:17 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mumble.lnk
[2013/02/06 17:41:10 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/01 16:38:33 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/14 23:44:28 | 000,003,072 | ---- | C] () -- C:\WINXP\System32\iacenc.dll
[2012/02/12 17:20:47 | 000,038,956 | -H-- | C] () -- C:\WINXP\System32\mlfcache.dat
[2011/11/13 01:05:38 | 000,000,262 | ---- | C] () -- C:\WINXP\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/10/03 23:11:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\ColorSet.ini
[2011/07/08 18:32:27 | 000,003,120 | ---- | C] () -- C:\WINXP\System32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
[2011/06/17 18:32:02 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2011/05/26 09:23:56 | 000,012,288 | ---- | C] () -- C:\WINXP\System32\e100bmsg.dll
[2011/05/26 09:18:03 | 000,002,048 | --S- | C] () -- C:\WINXP\bootstat.dat
[2011/05/26 09:12:28 | 000,021,640 | ---- | C] () -- C:\WINXP\System32\emptyregdb.dat
[2011/05/26 05:00:46 | 000,004,073 | ---- | C] () -- C:\WINXP\ODBCINST.INI
[2011/05/26 04:59:38 | 000,190,592 | ---- | C] () -- C:\WINXP\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2011/08/14 02:23:32 | 000,000,227 | RHS- | M] () -- C:\WINXP\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINXP\system32\wbem\fastprox.dll -- [2010/09/16 11:11:04 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINXP\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
  • 0

#38
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

We can clean up a few erroneous entries and remove some further unnecessary start-ups and run a final scan as follows...

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

Click on Start >> Run...(or the Windows key and R together) to bring up the Run box and copy and paste in:

"C:\Program Files\ERUNT\ERUNT.EXE" %SystemRoot%\ERDNT\otl-backup
and click on OK.

Custom OTL Script:

  • Double-click on OTL.exe to start the program.
  • Copy the lines from the quote-box (do not copy the word quote) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Commands
[CreateRestorePoint]

:OTL
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O13 - gopher Prefix: missing

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"=-
"IMJPMIG8.1"=-
"PHIME2002A"=-
"PHIME2002ASync"=-
[HKEY_USERS\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax_RESTART"=-

:Commands
[ResetHosts]
[EmptyTemp]

  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Malwarebytes Anti-Malware:

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

When you have completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • OTL Log from the Custom Script.
  • Malwarebytes Anti-Malware Log.


#39
Sonnet29

    Member

  • Topic Starter
  • 31 posts
Hi, my computer seems to be running fine. I haven't noticed anything out of the ordinary. The lag in moving things about seems to be gone from some brief testing! :happy: I do have a question though, when I restart my computer there is usually a yellow shield notifying me that I have updates ready. I select to download them but I'm not sure if they're being installed. I set Windows Update to notify me when available, but allow me to manually download them. I thought that they're usually installed upon restarting but I haven't seen the prompts lately and don't know how to check offhand.

Here is the OTL log from the custom script:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\googletalk deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\IMJPMIG8.1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PHIME2002A deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PHIME2002ASync deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1078081533-1767777339-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART deleted successfully.
========== COMMANDS ==========
C:\WINXP\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 846 bytes
->Temporary Internet Files folder emptied: 1653462 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 351219161 bytes
->Flash cache emptied: 401 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 22682 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 74316 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 337.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03042013_141137

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


And here is the Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.04.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: JESS-DELL [administrator]

3/4/2013 2:17:58 PM
mbam-log-2013-03-04 (14-17-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 186883
Time elapsed: 6 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#40
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

my computer seems to be running fine. I haven't noticed anything out of the ordinary. The lag in moving things about seems to be gone from some brief testing! :happy:

Good.

I do have a question though, when I restart my computer there is usually a yellow shield notifying me that I have updates ready. I select to download them but I'm not sure if they're being installed. I set Windows Update to notify me when available, but allow me to manually download them. I thought that they're usually installed upon restarting but I haven't seen the prompts lately and don't know how to check offhand.

No actual critical updates have been released for XP SP3 of late if I recall correctly. To double check go here >> double click on the Express tab. Another way to check is via:-

Start >> All Programs >> Windows Update

A probable reason why no updates have been released recently is because overall support is winding down for XP SP3 - Support for Windows XP is ending on April 8, 2014.

So once next year comes you will have to check (or check now, upgrade if possible) if your machine can be updated to any of the other Operating Systems:-

Windows Vista Upgrade Advisor

Windows 7 Upgrade Advisor

Windows 8 Upgrade Assistant

Do bear in mind my prior advice about upgrading the actual RAM (random access memory) also, as with any of the above the more your machine is capable of supporting the better etc.

Now in the event your machine does not meet the specifications for upgrading to any of the above Operating Systems my advice would be keep the machine off-line (as in no active internet connection) once Microsoft has discontinued support next year and merely use as a stand alone work-station for example, as using an unsupported Operating System online is a sure-fire way for it to become badly compromised.

Next:

Congratulations your computer appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advise you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Reset SR Points/Clean up with OTL:

  • Double-click OTL to start the program.
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:Commands
[ClearAllRestorePoints]
  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered. When finished click on OK and close the log that appears.
  • Note: I do not need to review the log produced.
  • Now close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.
The above process will flush old System Restore points and create a new clean one. It should also clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebytes Anti-Malware:

This is an excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, Microsoft Security Essentials, automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.

I advise you also run a complete scan with this at least once per week.

Erunt:

Emergency Recovery Utility NT, I advise you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allows scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

Only use one of the above!

Consider installing WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

This is a very helpful/useful set of advice from Microsoft: Safety & Security Centre.

Any questions? Feel free to ask, if not stay safe!
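
The Hosts File advice in the post above, and the [ResetHosts] step earlier in the thread, both come down to which address a name is mapped to. As an added example (not part of the original posts, and not code from OTL or any other tool named in the thread), this Python script parses hosts-file text and separates loopback/0.0.0.0 blocklist entries from entries that point a name at some other address, which are the ones to review after a redirect problem. The sample file contents and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file (reserved documentation names and addresses).
SAMPLE_HOSTS = """\
# Constructed sample, not taken from the thread
127.0.0.1       localhost
127.0.0.1       ads.example.net   # blocklist-style entry
0.0.0.0         tracker.example.org
203.0.113.7     www.example-bank.test login.example-bank.test
::1             localhost
not-an-ip       broken.example.com
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text):
    """Return (line_number, kind, address, name) for every hosts entry.

    kind is 'default'   (localhost mapped to loopback),
            'blocked'   (any other name sent to loopback or 0.0.0.0),
            'redirect'  (name mapped to a non-local address: review it),
            'malformed' (first field is not an IP, or no name follows).
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # strip comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((lineno, "malformed", fields[0], " ".join(fields[1:])))
            continue
        if len(fields) < 2:
            findings.append((lineno, "malformed", fields[0], ""))
            continue
        local = addr.is_loopback or addr.is_unspecified
        for name in (n.lower() for n in fields[1:]):   # one line may carry aliases
            if local:
                kind = "default" if name in LOCAL_NAMES else "blocked"
            else:
                kind = "redirect"   # may be a legitimate LAN entry; needs a human look
            findings.append((lineno, kind, str(addr), name))
    return findings


def redirects(text):
    """Entries that send a name to a non-local address."""
    return [(n, ip, host) for n, kind, ip, host in audit_hosts(text) if kind == "redirect"]
```

On Windows XP the file to feed in is the one the OTL log shows being reset, the Hosts file under System32\drivers\etc in the Windows directory.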


#41
Sonnet29

    Member

  • Topic Starter
  • 31 posts
Hello,

(EDIT: Just a small aside, while I'm not sure if it's useful information-- Vista's upgrade advisor both from the Microsoft website + Majorgeeks site report that there's no connection or the server is busy, thus turning up no results... I don't think it's an issue for me though I just wanted to point it out!)

I wouldn't have known about XP support being stopped, I guess I will have to look into alternatives very soon. I don't have any further questions to ask. Just my deep thanks. Thank you so much for your kind assistance Dakeyras and for the peace of mind I have now with my computers. :happy:

Edited by Sonnet29, 06 March 2013 - 03:56 PM.

#42
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

(EDIT: Just a small aside, while I'm not sure if it's useful information-- Vista's upgrade advisor both from the Microsoft website + Majorgeeks site report that there's no connection or the server is busy, thus turning up no results... I don't think it's an issue for me though I just wanted to point it out!)

Appears to be working now...

I wouldn't have known about XP support being stopped, I guess I will have to look into alternatives very soon. I don't have any further questions to ask. Just my deep thanks. Thank you so much for your kind assistance Dakeyras and for the peace of mind I have now with my computers. :happy:

Well you do have roughly a year before support is withdrawn so a bit of leeway and you are most welcome!

--------------

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.